Skip to content

Bot feedback and messages

Feedback from the VIP Code Analysis Bot will be posted on reviewed pull requests based on the results of the automated scans including Vulnerability and Update Scan, PHPCS analysis, PHP linting, and SVG analysis. Feedback from the VIP Code Analysis Bot can be handled in several ways:

Many issues noted in feedback will be correct and should be addressed, but as with all automated feedback there can be some incorrectly flagged issues that are safe to ignore (false positives). There may also be some issues that the bot feedback misses (false negatives). All feedback provided by the Bot should be carefully evaluated.

A more detailed explanation of errors and warnings for each severity level is available for interpreting PHPCS feedback.

Maximum number of active comments

The Bot is configured to post a maximum number of 18 comments per pull request review. If more than 18 comments are needed for the Bot to report the total issues found, those additional comments will be posted in separate reviews. The Bot is configured to ensure that there are no more than 100 “active” comments in each pull request. “Active” comments are comments made by the Bot and are not outdated. 

This comment limitation is in place to limit the number of calls to the GitHub API.

GitHub API communication error

If the Bot has a problem communicating with the GitHub API, it will post a message to pull requests saying that there has been a GitHub API communication error and that a human should be contacted.

An example of a message from the Bot reporting a GitHub API communication error

In most cases this error occurs due to problems with the GitHub API itself. The message usually disappears when a pull request is scanned again, which happens when new commits are pushed to the pull request. If the problem persists, check the GitHub status page for reported issues with the GitHub API.

Last updated: December 22, 2023

Relevant to

  • WordPress